Named DNS SERVFAIL error?

Posted on

hi,

In a lab environment, configured a server to have local DNS and a forward option for external (internet) via another DNS server with working forward in a Windows domain.

queries come back with 'can't find' but when I do TCP dumps of packets to/from the windows DNS I see the following.

nslookup google.com

out goes the query, and a request for nameservers
12:57:29.674297 IP 10.210.40.8.62442 > 10.210.46.16.domain: 37870+ A? google.com. (28)
12:57:29.674390 IP 10.210.40.8.35119 > 10.210.46.16.domain: 2652+ NS? . (17)

Answers back are:

12:57:29.674418 IP 10.210.46.16.domain > 10.210.40.8.62442: 37870 1/0/0 A 172.217.3.174 (44) <<-- ANSWER!
12:57:29.674525 IP 10.210.46.16.domain > 10.210.40.8.35119: 2652 13/0/12 NS g.root-servers.net., NS e.root-servers.net., NS l.root-servers.net., NS h.root-servers.net., NS m.root-servers.net., NS j.root-servers.net., NS d.root-servers.net., NS k.root-servers.net., NS f.root-servers.net., NS a.root-servers.net., NS i.root-servers.net., NS b.root-servers.net., NS c.root-servers.net. (505)

So my RHEL eth get's the IP but somehow NSlookup doesn't get it? the forward seems to be working properly.

;; Got SERVFAIL reply from 127.0.0.1, trying next server
Server: 127.0.0.1
Address: 127.0.0.1#53

** server can't find google.com: NXDOMAIN

Similarly, DIG also drops the answer section altogether.
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 50535
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com. IN A

;; Query time: 4001 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Aug 04 13:17:59 CDT 2018
;; MSG SIZE rcvd: 39

Thanks

Responses